VYPR

Vendor CVEs

Google

All CVEs

11,369 total · sorted by risk
  • CVE-2020-0453MedNov 10, 2020
    risk 0.36cvss 5.5epss 0.00

    In updateNotification of BeamTransferManager.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2020-0448MedNov 10, 2020
    risk 0.36cvss 5.5epss 0.00

    In getPhoneAccountsForPackage of TelecomServiceImpl.java, there is a possible way to access a tracking identifier due to a missing permission check. This could lead to local information disclosure of the identifier, which could be used to track an account across devices, with no…

  • CVE-2020-0437MedNov 10, 2020
    risk 0.36cvss 5.5epss 0.00

    In CellBroadcastReceiver's intent handlers, there is a possible denial of service due to a missing permission check. This could lead to local denial of service of emergency alerts with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2020-15989MedNov 3, 2020
    risk 0.36cvss 5.5epss 0.01

    Uninitialized data in PDFium in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.

  • CVE-2020-0419MedOct 14, 2020
    risk 0.36cvss 5.5epss 0.00

    In generateInfo of PackageInstallerSession.java, there is a possible leak of cross-profile URI data during app installation due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not…

  • CVE-2020-0415MedOct 14, 2020
    risk 0.36cvss 5.5epss 0.00

    In various locations in SystemUI, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure of contact data with User execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2020-0400MedOct 14, 2020
    risk 0.36cvss 5.5epss 0.00

    In showDataRoamingNotification of NotificationMgr.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2020-0398MedOct 14, 2020
    risk 0.36cvss 5.5epss 0.00

    In updateMwi of NotificationMgr.java, there is a possible permission bypass due to a PendingIntent error. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10…

  • CVE-2020-0246MedOct 14, 2020
    risk 0.36cvss 5.5epss 0.00

    In getCarrierPrivilegeStatus of UiccAccessRule.java, there is a missing permission check. This could lead to local information disclosure of EID data with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-0365MedSep 18, 2020
    risk 0.36cvss 5.5epss 0.00

    In netd, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-137346580

  • CVE-2020-0331MedSep 18, 2020
    risk 0.36cvss 5.5epss 0.00

    In Settings, there is a possible permissions bypass. This could lead to local information disclosure of the device's IMEI with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-147309310

  • CVE-2020-0327MedSep 18, 2020
    risk 0.36cvss 5.5epss 0.00

    In core networking, there is a missing permission check. This could lead to local information disclosure of app network usage with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-129151407

  • CVE-2020-0316MedSep 18, 2020
    risk 0.36cvss 5.5epss 0.00

    In Telephony, there is a missing permission check. This could lead to local information disclosure of radio data with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-154934919

  • CVE-2020-0315MedSep 18, 2020
    risk 0.36cvss 5.5epss 0.00

    In Zen Mode, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-155642026

  • CVE-2020-0313MedSep 18, 2020
    risk 0.36cvss 5.5epss 0.00

    In NotificationManagerService, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android…

  • CVE-2020-0311MedSep 18, 2020
    risk 0.36cvss 5.5epss 0.00

    In InputManagerService, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:…

  • CVE-2020-0310MedSep 18, 2020
    risk 0.36cvss 5.5epss 0.00

    In Settings, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-153356468

  • CVE-2020-0307MedSep 18, 2020
    risk 0.36cvss 5.5epss 0.00

    In Settings, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-151645867

  • CVE-2020-0304MedSep 18, 2020
    risk 0.36cvss 5.5epss 0.00

    In Settings, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-151645695

  • CVE-2020-0302MedSep 18, 2020
    risk 0.36cvss 5.5epss 0.00

    In Settings, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-151646375

  • CVE-2020-0295MedSep 18, 2020
    risk 0.36cvss 5.5epss 0.00

    In Telecom, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-155650969

  • CVE-2020-0294MedSep 18, 2020
    risk 0.36cvss 5.5epss 0.00

    In bindWallpaperComponentLocked of WallpaperManagerService.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2020-0284MedSep 18, 2020
    risk 0.36cvss 5.5epss 0.00

    In Telephony, there is a possible permission bypass due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:…

  • CVE-2020-0276MedSep 18, 2020
    risk 0.36cvss 5.5epss 0.00

    In Telephony, there is a possible permission bypass due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:…

  • CVE-2020-0269MedSep 18, 2020
    risk 0.36cvss 5.5epss 0.00

    In Android Auto Settings, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:…

  • CVE-2020-0265MedSep 18, 2020
    risk 0.36cvss 5.5epss 0.00

    In Telephony, there are possible leaks of sensitive data due to missing permission checks. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android…

  • CVE-2020-0263MedSep 18, 2020
    risk 0.36cvss 5.5epss 0.00

    In the Accessibility service, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android…

  • CVE-2020-0318MedSep 18, 2020
    risk 0.36cvss 5.5epss 0.00

    In the System UI, there is a possible system crash due to an uncaught exception. This could lead to local permanent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:…

  • CVE-2020-0426MedSep 17, 2020
    risk 0.36cvss 5.5epss 0.00

    In SyncManager, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:…

  • CVE-2020-0425MedSep 17, 2020
    risk 0.36cvss 5.5epss 0.00

    There is a possible way to view notifications even when the "Lockdown" feature is on. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:…

  • CVE-2020-0352MedSep 17, 2020
    risk 0.36cvss 5.5epss 0.00

    In MediaProvider, there is a possible permissions bypass due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:…

  • CVE-2020-0344MedSep 17, 2020
    risk 0.36cvss 5.5epss 0.00

    In MediaProvider, there is a possible permissions bypass due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:…

  • CVE-2020-0337MedSep 17, 2020
    risk 0.36cvss 5.5epss 0.00

    In MediaProvider, there is a possible bypass of a permissions check due to a confused deputy. This could lead to local information disclosure, with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:…

  • CVE-2020-0329MedSep 17, 2020
    risk 0.36cvss 5.5epss 0.00

    In the OMX encoder, there is a possible out of bounds read due to invalid input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android…

  • CVE-2020-0314MedSep 17, 2020
    risk 0.36cvss 5.5epss 0.00

    In AudioService, there are missing permission checks. This could lead to local information disclosure of audio configuration with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-154934920

  • CVE-2020-0312MedSep 17, 2020
    risk 0.36cvss 5.5epss 0.00

    In Battery Saver, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:…

  • CVE-2020-0308MedSep 17, 2020
    risk 0.36cvss 5.5epss 0.00

    In Window Manager, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:…

  • CVE-2020-0297MedSep 17, 2020
    risk 0.36cvss 5.5epss 0.00

    In devicepolicy service, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:…

  • CVE-2020-0293MedSep 17, 2020
    risk 0.36cvss 5.5epss 0.00

    In Java network APIs, there is possible access to sensitive network state due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation in Android versions:…

  • CVE-2020-0290MedSep 17, 2020
    risk 0.36cvss 5.5epss 0.00

    In PackageManager, there is a missing permission check. This could lead to local information disclosure across users with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-153996866

  • CVE-2020-0289MedSep 17, 2020
    risk 0.36cvss 5.5epss 0.00

    In PackageManager, there is a missing permission check. This could lead to local information disclosure across users with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-153996872

  • CVE-2020-0288MedSep 17, 2020
    risk 0.36cvss 5.5epss 0.00

    In PackageManager, there is a missing permission check. This could lead to local information disclosure across user boundaries with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:…

  • CVE-2020-0274MedSep 17, 2020
    risk 0.36cvss 5.5epss 0.00

    In the OMX parser, there is a possible information disclosure due to a returned raw pointer. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-0125MedSep 17, 2020
    risk 0.36cvss 5.5epss 0.00

    In mediadrm, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:…

  • CVE-2020-0427MedSep 17, 2020
    risk 0.36cvss 5.5epss 0.00

    In create_pinctrl of core.c, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2020-0404MedSep 17, 2020
    risk 0.36cvss 5.5epss 0.00

    In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2020-0399MedSep 17, 2020
    risk 0.36cvss 5.5epss 0.00

    In showLimitedSimFunctionWarningNotification of NotificationMgr.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for…

  • CVE-2020-0396MedSep 17, 2020
    risk 0.36cvss 5.5epss 0.00

    In various places in Telephony, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1…

  • CVE-2020-0395MedSep 17, 2020
    risk 0.36cvss 5.5epss 0.00

    In showNotification of EmergencyCallbackModeService.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2020-0390MedSep 17, 2020
    risk 0.36cvss 5.5epss 0.00

    In the app zygote SE Policy, there is a possible permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11Android ID:…

Page 146 of 228